Code: Select all
ssl = on
ssl_ciphers = 'HIGH:MEDIUM:+3DES:!SSLv3:!aNULL:@STRENGTH'
I run the postgres db from command line with the -d 1 flag to get a report on the quality of the connection.
With this setup dotConnect fails to connect with the error "The server hello message uses a protocol that was not recognized".
I've tried other cipher lists as well but whenever I put !SSLv3 in the Postgres Cipher List it fails to connect.
However PgAdmin and openssl.exe connects without an issue in these cases, in both cases the server reports TLS 1.2 connections, cipher=ECDHE-RSA-AES256-GCM-SHA384
The main reason for adding !SSLv3 to the cipher list is to prevent any client connecting to the Postgres server using the less secure SSL3 protocol as this poses a security risk.